orca-so.app
Open in
urlscan Pro
2606:4700:3035::6815:374e
Malicious Activity!
Public Scan
Effective URL: https://orca-so.app/
Submission: On January 27 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on November 30th 2023. Valid for: 3 months.
This is the only time orca-so.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 2606:4700:303... 2606:4700:3035::6815:374e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c09::5f | 15169 (GOOGLE) (GOOGLE) | |
3 | 2606:4700:10:... 2606:4700:10::ac43:b32 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 52.222.169.52 52.222.169.52 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 54.186.23.98 54.186.23.98 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 151.101.192.176 151.101.192.176 | 54113 (FASTLY) (FASTLY) | |
1 | 44.238.254.105 44.238.254.105 | 16509 (AMAZON-02) (AMAZON-02) | |
15 | 8 |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-52.cdg52.r.cloudfront.net
js.stripe.com |
ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-254-105.us-west-2.compute.amazonaws.com
m.stripe.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
stripe.com
js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188 |
5 KB |
3 |
orca.so
www.orca.so |
16 KB |
3 |
orca-so.app
orca-so.app |
62 KB |
2 |
stripe.network
m.stripe.network — Cisco Umbrella Rank: 1315 |
16 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369 |
31 KB |
15 | 5 |
Domain | Requested by | |
---|---|---|
3 | q.stripe.com |
orca-so.app
|
3 | www.orca.so |
orca-so.app
|
3 | orca-so.app |
orca-so.app
|
2 | m.stripe.network |
js.stripe.com
m.stripe.network |
2 | js.stripe.com |
orca-so.app
js.stripe.com |
1 | m.stripe.com |
m.stripe.network
|
1 | ajax.googleapis.com |
orca-so.app
|
15 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
v1.orca.so |
Subject Issuer | Validity | Valid | |
---|---|---|---|
orca-so.app GTS CA 1P5 |
2023-11-30 - 2024-02-28 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
www.orca.so GTS CA 1P5 |
2023-12-04 - 2024-03-03 |
3 months | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2024-01-02 - 2024-04-04 |
3 months | crt.sh |
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-12-20 - 2024-03-21 |
3 months | crt.sh |
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-22 - 2024-03-21 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://orca-so.app/
Frame ID: F99E9CEB399524122C245AA675BAB256
Requests: 22 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: AC39A2DCFBA87BF90A3F699C6A298216
Requests: 4 HTTP requests in this frame
Frame:
https://m.stripe.network/inner.html
Frame ID: C40E74578AB2DAB5487E1B7DFDC9196A
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Orca | DeFi for people, not programsPage URL History Show full URLs
-
http://orca-so.app/
HTTP 307
https://orca-so.app/ Page URL
Detected technologies
Stripe (Payment Processors) ExpandDetected patterns
- js\.stripe\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Orca Protocol Disclaimer
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://orca-so.app/
HTTP 307
https://orca-so.app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
orca-so.app/ Redirect Chain
|
169 KB 56 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
orca-so.app/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
func.js
orca-so.app/ |
2 KB 897 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
618 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
767 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
819 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background-kelp.svg
www.orca.so/ |
23 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image
www.orca.so/_next/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image
www.orca.so/_next/ |
1010 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame AC39 |
200 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame AC39 |
631 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report
q.stripe.com/ Frame AC39 |
0 718 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report
q.stripe.com/ Frame AC39 |
0 717 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inner.html
m.stripe.network/ Frame C40E |
930 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report
q.stripe.com/ Frame C40E |
0 491 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
out-4.5.43.js
m.stripe.network/ Frame C40E |
87 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
6
m.stripe.com/ Frame C40E |
156 B 669 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| mostrar function| chamarmodal function| $ function| jQuery function| openModalError_button1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
m.stripe.com/ | Name: m Value: 6caeba03-fe71-492a-b7f4-4645acf0384c7a4992 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
orca-so.app
q.stripe.com
www.orca.so
151.101.192.176
2606:4700:10::ac43:b32
2606:4700:3035::6815:374e
2607:f8b0:4004:c09::5f
44.238.254.105
52.222.169.52
54.186.23.98
0031faa52ea912fee1494db76442c8f8d2c5af5fa9ac077f8a45209a6f83b41d
03ce37a48e8fa8b84caf58f902a90dac8db3fdab937b2c8c7a056a56b9f5dd16
103ef4b670d4ab81793bf213a9cc1024ac25064260b7cda7f11ef90854b42941
1cbd1fa9704aaa148578fd626205e7c47d664dab8b5b586a5c52b0bb4e060143
29d3d8ecfaae6bcc739d2566624f16ec4c5099fb15b6a9bfe0a78582ffaa41cc
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
36ec90aea0702d8abd3d4fc72b3d189c44fe1fa3cf6cb3c617f6f4522f92540f
3d63f5523f7e91d44f00f52d2ccf2f2766193bfe1db0cc27e9018975a74306ef
3e6d097f02f00472f30b829ec29deefadb5e559d272262f25db9b079be74a1a8
4b182992587119e85db1545688b637d5322778bd1894b548d1082394d522cd7b
4de0f7541473fd639ed252f1ed9b1169a3336b39acbef43d48b5335b169ae323
5cfc4286ee88c69f1b11cbb016dcc96f94558c1293ee442acd705569727107be
6ebbeff35834ab2030fada9fccbd2315e21b6a9918530d306d9f8885cadd7cb1
8639f1b554805fc4f701a8629deddd603c18f622b60d35f63ad686032b91b549
8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a164552a6dde632a86cead517df62c316010645e2c79c278f0999d56fad0e0a9
a7823d686a7c25880d1b13e670a541c65e9a5cd726d2a83a0bf924af3d7d5c3d
caae9257d022b731b579a65d458ee204cb2cc404cb9f300e78274d4bdf915d30
da4f28e516dfeb3118bffbf7dd48944620adf0f15d1e9fc019d1a21d5e6167eb
de7bcb1e092562459f03066ae4badc1a6495c370e31f5bed4a78d2093a801bef
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e18039d9b86dfb20f0de75a236ce38ca78dd53810c1e6db42c70baa281d54318
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f0a1e2263ef6cdf30ab88d2f53e6d4e16a40e66fc3f4d28755d6bc11bb19ec81
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb5c7ff3610c344e4ab26d45f23e9133706716c410db246a482b004b7079c4e2